Jump to content
ajkaro

[SQLi] challenge

Recommended Posts

Posted

Target:

h~~p://indus[RST]trial[RST]implar.com.br/not[RST]icias-look.php?noticia=1

replace all ~ and remove all [RST]

Tasks:

  • display version with your nick name
  • display numbered list of all tables in primary database
  • for each table (displayed only once) show numbered list of its column names. Display column names for column
    #1, #4 and #5 (if they exists) and numbered them with 1. or 4. or 5. If column #4 (or #5) doesn't exists go to next table name.
  • Display tables in blue color and each column name of the same table in different color for better reading (for example column name #1 in black, #4 in red and #5 in green)

Proof:

browse.php?u=http%3A%2F%2Fwww.anonmgur.com%2Fup%2F12e0ece81a051059ab819d16af50e234.jpg&b=4

Rules:

  • use union select based SQLi
  • post picture as proof and send me your syntax to PM
  • local variables may be used only for numbering, not for columns displaying logic
  • don't share any part of the challenge until challenge is open browse.php?u=http%3A%2F%2Fx.hackforums.net%2Fimages%2Fblackreign%2Fimages%2Fsmilies%2Flipssealed.gif&b=4
  • don't ask for hints until challenge is open browse.php?u=http%3A%2F%2Fx.hackforums.net%2Fimages%2Fblackreign%2Fimages%2Fsmilies%2Fwhistle.gif&b=4

Solvers:

-

Posted

Vad ca prietenul nostru ajkaro a lipsit in ultima vreme, ne vor lipsi challenge-urile lui.

Desi thread-ul este mai vechi am insistat sa postez, pentru ca orice challenge are nevoie de cel putin un solver, chiar daca acesta poate nu va fi inchis niciodata.

Website-ul celor de la anonmgur.com cred ca e down, dar, dupa tasks screenshot-ul ar trebui sa fie asemanator.

g1m7J33.png

local variables may be used only for numbering, not for columns displaying logic

// i skipped this one ajkaro, but don't tell anyone :D

// regards

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...